March 20, 2024 • 34 mins
Robert and Mia talk with famed No Fly List hacker maia arson crimew about the shady industry of stalkerware, spy software that allows people to spy on their victims' devices.
See omnystudio.com/listener for privacy information.
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:01):
All Zone Media.
Speaker 2 (00:05):
Welcome back to It Could Happen here, the podcast that's
happening here in your ear. And one of the things
that we love talking about here is a critical ingredient
towards creeping authoritarianism, towards growing corporate control and surveillance over
all of our lives, which is of course technology that
makes it even easier to monitor you than it already is.
(00:29):
We're not talking primarily about like the government monitoring you,
because they can, you know, do stuff like just pull
your phone data from a you know what, which cell
towers is pinged. We're talking about the kind of stuff
that allows basically whoever can get an app on your
phone to track and stalk you. And Yeah, I'm going
to first introduce Mia Wong. Mia, welcome to the show
(00:52):
that you also host. Yes, I'm here. So what are
we what are we talking about today? And who are
we talking with? Yeah, so we are talking about stalker war,
which is the sort of broad name for the category
of software that Robert has been talking about. And we
are talking about someone who hacked well a stoker where
(01:12):
stalker Yeah, one.
Speaker 3 (01:15):
Of the stockerware companies my Aris and Crime, the fame
hacker of the no fly list. Yeah, returning guests, always
happy to have you on.
Speaker 4 (01:24):
Yeah, I always happy to be on. Yeah.
Speaker 3 (01:29):
So I think I think, I don't know. I think
there's a real tendency among and I see this among
leftists a lot for kind of good reasons and kind
of not good reasons to really only focus on state
and like large corporate actors in terms of surveillance. And
(01:50):
that's a mistake.
Speaker 4 (01:52):
Yeah, totally.
Speaker 3 (01:54):
Yeah, And so I guess I guess the place where
I want to start before we get into the specific
company that you do, is it still called owned?
Speaker 4 (02:03):
I can't. It's fine to call it owned or pond
or whatever. I still do that. Sometimes people get confused.
Speaker 3 (02:10):
But yeah, yeah, But before we get into that, I
want to I want to ask you a bit because
you've done a lot of sort of I guess you
could call it research, both actual research wise and then
in terms of poking around their servers.
Speaker 4 (02:26):
Research and journalism and whatever. Do you want to call it?
Speaker 3 (02:29):
Yeah, hex, Yeah, So I wanted to just start off
by asking if you can give sort of like a
brief summary of what stalker ware is.
Speaker 4 (02:39):
Yeah. So so, so stoker ware like as a category
encompasses like a number of different types of apps. Most
of them, like on the service, advertise themselves as like
parental control software, which is already bad enough. Just to
be clear that there's like advertised for like spying on
your children's phone, like seeing their location in real time,
seeing their such as that they receive any photo they take.
(03:03):
Ostensibly this is to prevent bullying and help with them
when they get depressed because they don't trust you and
talk to you for whatever reason. But obviously a lot
of these are then furthermore because that's like that, Sure,
that's a like target audience, that's a demographic you can
advertise too. But then there's this even bigger potential target
(03:23):
demographic of people who are insecure in their relationship, mostly men,
not only men, but who are then solved this idea
that they can use software like this for stalking their partner,
for finding out if they are cheating on you, things
like that, which is obviously an even bigger problem, which
once again not to discount the problems. That's spying on
your children. It's already like bad enough, but yeah, lead
(03:45):
this leads to this whole big industry of these apps
being used by partners against each other, like also just
by people, like against anyone in the in their surroundings
that they suspect might be doing something might be like
talking behind their backs. It often kind of turns into
like it obviously turns into this obsessive thing, especially if
(04:08):
you're solved this idea that this this app can magically
solve like interpersonal issues, like with anything that sells you
this magic idea of being able to solve any problem.
That these people start kind of spying on everyone in
their like circles to some of them, like not everyone,
most like a lot of people only spying like their
partner or like their child or whatever. But it often
(04:28):
like spirals out of control into this like controlling everyone
in their surroundings, knowing what everyone is up to where
they are, and spending like hundreds of dollars a month
on doing so. And yeah, that's pretty fucked up if
you ask me.
Speaker 2 (04:41):
Yeah, yeah. One of the things that's interesting too. It's
also in a lot of cases illegal. This is going
to vary, you know, from country to country, in state
to state, but in the US there are states like California,
which gets pointed out in the very good Tech Crunch
investigation on truth spy, where there are really strict laws
that journalists like you have to by bias to win.
You can record someone that these these apps absolutely break.
Speaker 4 (05:05):
Yes, it's specifically I think that doesn't. Most of these
app will have like disclaimerate upon that is like this
might be I legal and your jurisdiction, and please ask
for consent before doing this, and then they have lots
of tutorials on how to install this in someone's device
without their consent. Yeah, but it's like always like a
we do not take any like we we it's not
our fault if you break the law basically, which obviously,
(05:27):
like it's so far not a lot of this has
been challenged in court, but I don't think this would
hold up too long. But I don't think just saying
we make a product to do crimes with if you
do crimes of it, it's not I mean it works
for the gun industry.
Speaker 2 (05:42):
So yeah. The difference is that like the with the
gun industry, it's a product where there is a legal
and an illegal, like clear way to do it.
Speaker 4 (05:52):
The thing with stocker were as well is that like
a lot of them will also explicitly say the only
real use of this we allow you to do to
use it for is to surveill your child, which unfortunately
is legal in most jurisdictions because children are property of
their parents. Yeah quotes because I do not agree with that, but.
Speaker 2 (06:10):
Yeah, it's one of those things where people using it,
like someone installing an app on their exes or their
their partner's phone or whatever without consent, could very easily
would lose any court case. Whether or not the company
would get in trouble. I think is going to rely
a lot on the stuff the videos they're posting about,
like how to put how to get these apps on
(06:30):
people's phones without them knowing, but like they do have
that out with like no, it's just for surveilling children,
which is.
Speaker 4 (06:36):
Great, and for anyone else you need consent or whatever.
But I think it is important, yeah, to point us
out very early for anyone who's listening to this because
they think they might have stock over on their phones,
or because they know they have stock Averre on their phones,
you can use this in a domestic abuse case, well immediately,
this is explicit proof that abuse is happening, no matter
(06:56):
anything else, because like that's the thing generally with domestic
abuse case it's really hard to prove abuses happening. Stalkerware
and any other type of spying device like also physical
GPS trackers and stuff that is immediate proof that there
is a there's controlling behavior going on, that you are
being spined on. This it cannot only be used and
(07:17):
there's explicit, admissible evidence. This is also usually like makes
cases first like not for you like it just yeah,
it like can potentially add charges and make it more serious,
and that it can help making cops give a shit
about like abuse, which yeah, I hate that I need
to say that, but yeah, it's like it makes it
(07:39):
more serious because there's like spyware and whatever.
Speaker 2 (07:42):
It's easy evidence first off, like you can prove they're
spying on you. And second, if you are in one
of the states where that violates the law, then you
can immediately say this person is breaking the law, like
this is we don't have to debate whether or not
they've they've crossed the line.
Speaker 4 (07:56):
Yeah, And even if it doesn't directly break the law
to spy on someone on a partner like it, depending
on the on the on the region, it can be
kind of a hazy thing, especially if it's a device
you might co own if it's like a state where
you where with like code possession or whatever. In the US,
I do not know US law very much around this,
but yeah, there's like laws like that. But usually still
(08:18):
the fact that you're being spied on can be used
as proof for other abuse things you might be alleging,
because it's like hard proof that something is happening. And
also usually these companies will somewhat have to respond to
some point US, so they will have to give out
like who that account on there is behind like the
spying on your phone for some of them. We can
also there's also tools that help you find out who
(08:40):
is spying on you, or there's like someone with forensic
background can help.
Speaker 2 (08:45):
Yeah, and I think people. One thing we should note
is that if you're kind of curious, has my device
been infected by some of these tools, one the one
that we've been talking about most truth spy. If you
go to that tech Crunch article.
Speaker 4 (08:59):
Or to my art it also has a link yet.
Speaker 2 (09:01):
Or to ye to your article on your website. There's
a tool you can use where you it'll tell you
how to get your IMSI I think I am I Yeah,
which you just dial a thing on your phone and
it gives you that number. It's basically how you identify
specific bones and you plug that in. It will let
you know if your device has been compromised.
Speaker 4 (09:22):
Now like December last year up until there is the
data and if you yeah, it can pretty much tell
you if you've been spined on using this specific tool
until then. For other stuff, there's also guides usually on
TechCrunch and otherwise also on Stop Stockerwear dot ARC, which
is the US Coalition against Stalker War, and also just generally,
I think a lot of like more local anti stocking,
(09:45):
anti abuse works are not as informed yet as they
should be, but there's still a good point also to
reach out to or like.
Speaker 2 (09:52):
Yeah, yeah. One of my questions about truth Spy that
I'm hoping you can answer is I know that you
can like text messages get transferred via it, your call records,
all that kind of stuff, get and who you were calling.
Does that include messages for like encrypted apps like Signal
or is that not accessible through this?
Speaker 4 (10:11):
It depends, Like for some of these, it will like
get signal messages, what's the messages and everything generally by
reading the notification contents, because like from notifications you know,
like what messages are have been like received. Sometimes it
will only then have the received messages and not the
set messages. Often these also include like a key logger
component that mapps messages then sent back as well. It
(10:35):
depends a lot what these apps collect, but for most
of them, also the collection for other texting apps is
usually kind of broken. None of these apps are really
well maintained. They're mostly just quick cash graps, yeah, are
there to maintain features usually don't really work.
Speaker 2 (10:51):
And it seems like based on that, one thing people
can do outside of checking to see if their device
has been compromised, is do stuff like turn off notifications
for appslaing signal right, like, and that's that's actually just
generally good advice. Notifications are a compromise of the security
that signal offers. Don't have them enabled, you know, yeah,
(11:15):
or at the.
Speaker 4 (11:15):
Very least disabled them on the lock screen on Android. Yeah,
I don't know how. I think that's also possible on iOS,
but I think I doesn't show message content on the
lock screen anyways. I'm not sure anymore. But yeah, it's
just also small things like that, And also like one
of the key tells that someone probably tampered with your phone,
especially for Android, is if Google play Protect is disabled
(11:36):
and you do not remember disabling it for something else,
it was almost definitely disabled because someone installed something on
your phone. Just try re enabling it. Then they will
probably tell you something. The thing also to keep in
mind if you find stockaware on your phone, please get
professional help. Do not just delete it. Do not like
necessarily confront whoever you think might be your abuser about
(11:58):
it unless you're very issue that that's the situation you
can handle, because like, yeah, that that there's one of
those things that like bringing it up or just deleting
it can very quickly lead to like yeah, yeah, complicating
the situation a lot.
Speaker 3 (12:13):
You know what else complicates the situation.
Speaker 2 (12:16):
These ads.
Speaker 3 (12:29):
And we are back.
Speaker 2 (12:31):
So when it comes to the actual fight against this stuff,
obviously what you're doing is a big part of it.
Getting inside these companies and finding out like what they're
doing and their capabilities is huge for in terms of
like what regular people are people who are interested in
becoming activists about this can do. What does the what
is the struggle to actually fight this stuff look like?
(12:53):
Like how do we how do we put a bullet
in this industry's head.
Speaker 4 (12:57):
I think one of the biggest things. And also like
why I do the worker do with like hacking it
with encouraging others to like send me data, be that
insiders from these companies sending it either to me or
like tech Crunch specifically currently because like me and tech
crunch are like the only people really doing like journalism
on this like regularly. And the important thing with like
(13:18):
journalism and all of this is like awareness. It's very
important to create awareness about this. That's also why I
do the media work with like being on this podcast
and things like that. I think the most important thing
is to make people aware, like talk about this in
your feminist circles or whatever, things like that especially bring
it up just also in like general info things about
abuse or how to detect abuse. I think the most
(13:40):
important thing to do against stocker whereas demestify it, because
most people don't even know that this is a thing,
that this is, like that there's just commercially available spyware
anyone can install on your phone. It's as important to
not like give in to some sort of paranoia as
with any of these things. It's just important to like, yeah,
generate awareness about it. And like spread these articles, let
(14:04):
friends know that this is a potential thing, and then yeah,
the hard thing with this is that, like obviously it
should will probably help if there was some sort of
legislation against some of this, it's going to be very
hard to get any proper legislation that ends this industry
because in most Western countries, which are the only countries
which unfortunately they would have enough power to like actually
(14:27):
get these apps shut down, because that's the world we
live in. But the problem there is usually that like
this notion that children are owned by their parents is
too strong to really make a full case against these apps.
And at the very best what I can, like the
very best time kind of hoping for from from legislators
(14:47):
is just a ban on advertising these apps on use
against other adults, which would be big already, but that
doesn't really solve the issue because there's still going to
be enough people who know of their use for use
against adults, and the there's going to be enough people
on like Creddit threads talking about, hey, well yeah, you
oh you're not sure if your government is cheating on you, look,
(15:07):
you can just use this app, you know. That's also
how most of this marketing for this works. It's just yeah,
at the end of the day, this is like a
patriarchal issue. So yeah, I think that's also why, like
I am so focused on like the hacking and the
like blowing these companies up and showing like who's behind them.
It's because at the end of the day, the most
(15:28):
effective thing we have against these companies is like the
grassroots movement of making them too scared to run in
this business, making it not profitable enough, because as I said,
most of this is like quick cash grabs from like
web design studios and outsourcing companies. Yeah that a're just
making a quick buck from this because otherwise they don't
get paid enough. Like that's the sad thing really is
(15:50):
how much of this industry is in all of these countries.
Western companies outsource their IT too, because there's lots of
IT companies there and they are entirely reliant on like
Western companies giving them very underpaid tasks. And Yeah, this
problem that you now have a bunch of employees and
not enough money to always pay them. And what do
(16:11):
you do, You like find some weird niche of like
a tech product you can quickly build. Yeah, and this
is like one of those easy niches. It's like always
the scummy stuff and like yeah, it's that's also why
like so many of these companies are like based out
of Vietnam, out of Iran and whatever. It's just companies
that already have it hard enough to do business globally,
(16:31):
where the IT industry is like falling apart because there's
not enough like local customers and anything that's international. You're
just the cheap workforce, right, So yeah, it's it's once
again also like a class problem. I don't like most
people working in this industry know that they're working in
a like scummy industry.
Speaker 2 (16:51):
Yeah of course, but like yeah, you got to get
paid and that's.
Speaker 4 (16:55):
Yeah, And that's like why I think making it more
scary to operate in this industry is like, yes, the
wait to go because like with just like these like
four hacks that have happened against these companies over the
last like half a year or so, two of them,
three of them, three of them have shut down completely.
Others seem to be slowly moving towards just building other
(17:18):
software primarily. Yeah, it's just like, yeah, it's like with
any other like shady industry that the best we can
do is just do not make it profitable to run
the software, because at the very best, anything else we
will get it's just pushing them more into the shadows,
which is not going to solve the issue at all.
Speaker 2 (17:38):
Yeah. I think a lot about like strategic thinking, which
I do believe is kind of often in part because
of how rightfully negative most people on the left think
about the military. There's a tendency to ignore some of
like the theory around how to actually win a conflict
and all of it all all strategy really, when you're
(17:59):
talking about like defeating an opponent revolves around denying and
taking operational area from them, right Yeah, And that's what
you're talking about when you talk about, well we need
to stop this. You know, one of the first things
we can do as part of fighting this is to
stop them from being able to advertise certain places. Right
It's making sure that they're not able to operate without
being seen. It's basically cutting down their area, their space
(18:23):
to maneuver, their ability to profit, which cuts down their money,
their access to people, their ability to actually operate.
Speaker 4 (18:31):
Right.
Speaker 2 (18:31):
Like, that's what we're looking at in terms of how
do you kill this stuff. It's not one single Really,
I use the comparison of like a bullet, but it's
never going to be one bullet. These things are too durable.
There's too many countries in play to do that.
Speaker 4 (18:43):
Yeah, that's also why I put so much emphasis on
doing media work about this and getting more people to
talk about this and getting more awareness of this out there,
to the point where I'm willing to work with more
conservative newspapers on this because everyone needs to know about this.
At the end of the day. This is how we
like stop people from falling victims to this. Most people
(19:03):
who are a victim of stocker apps have never heard
of stocker apps before, and I think that's like one
of the biggest ways to tackle this. And on the
other hand, we also have I think another big leverage
point with how many of these are getting hacked because
none of these apps are very secure. That's another thing
is this can also be leveraged against like the abusers
(19:24):
in this scenario. I think just pointing out to them
that all of these apps get hacked all the time
and that this is how they get found out, that
that this is how their data of them as abusers
ends up landing on the internet. I think It's also
like a very important angle at the end of the day,
is just to make it clear like yeah, no, not
even you are like secure from this having consequences for
(19:46):
your life, like beyond like direct interpersonal or legal consequences.
This can and in the past has result in like
your email adders being on a list of people who
have do abuse to people online. You don't want to
be on such a list. I think that's also important
just to like point out there isn't one stockover app
that's not eventually going to get hacked. There is a
(20:08):
big war against these apps. They're all like there's so
many different hacking groups that keep sending me data from
these like I'm already working on another article that already
once again affects like the data of like I think
like eighty thousand more like abusers, and it's just the
abuser data this time. But I'm still going to report
on it like it's it's it's this is not going
(20:30):
to stop. It's even also not going to stop when
I stop reporting on this myself, like I've there's been
work before me down on this. I also the first
time I got involved in finding stock over was back
in twenty twenty. People have been hacking these apps forever
and will keep hacking them. Like just look at the
Wikipedia page for stocker, where there's an ever growing list
(20:51):
of these apps that have been hacked. And I think
at this point that like official count being kept by
one of the people at TechCrunch is at like thirty apps,
a few of which have been hacked two or three times. Yeah,
these are not These are not secure apps for any.
Speaker 2 (21:09):
No, no, no, of course not. Yeah, and they yeah,
I mean it makes sense that like an app dedicated
to violating people's privacy for money would also basically violate
the privacy of the people using it.
Speaker 4 (21:22):
Yeah, and also they don't care. Like I said, it's
a cash grap, it's nothing else. There's a few apps
that are like a little more than a cash crap,
but it's usually just because they're made, Like there's still
a cash grap, but they're like more well made, but
it's because they're a cash graph from a company that
has better developers or more money to do the initial investment.
(21:44):
The thing is also like most of these companies don't
have a lot of initial investment, And I think the
important thing to consider as well, here is one big
area of this that I have not yet started tackling,
but I do want to like look into more sometimes.
Is a big reason this industry is and most of
these apps have a lot of users despite there being
(22:04):
so many of them, is the affiliate marketing industry. Once again,
our very beloved friend. Yeah, all of these apps are
parts of various affiliate marketing networks, some of them started
by Stockerware Company, and some of them just other like
things to advertise all the shady things like all those
phone number locator apps or whatever, that's also part of
(22:26):
those same affiliate marketing networks. And there's lots of money
flowing here, and there's lots of money flowing to very
big tech YouTube channels, and I might soon have some
proof for some of that. But that's how these are advertised.
It's everyone who advertises stockerware to you, who has a
big platform, is doing that because they're getting money, not
for any other reason.
Speaker 2 (22:48):
We need to do more heads.
Speaker 3 (22:50):
We will be back shortly, and we are back.
Speaker 2 (23:06):
Well that's all I had, Miya, what do you got?
Speaker 3 (23:09):
Yeah, I guess there's there's another thing I wanted to
ask a little bit about, which Zach Whitaker who's been
one of the journal journalists that tech Crunch doing a
lot of the research is great. One of the things
that he brings up that I think is another I
don't know, it's kind of a plane with fire angle
on them. But one of the issues that these companies
seem to have is payment platforms, because a lot of
(23:34):
payment platforms look at this and go wait, hold.
Speaker 4 (23:38):
On, yeah, So that's yeah. We've talked about that a
little bit. That's an angle. We've also been a fighting
on a lot. Like me and Sig, we work on
most of these stories together.
Speaker 1 (23:46):
Like it.
Speaker 4 (23:47):
It's kind of funny. We both got each other into
the stock over thing back in twenty twenty. As I mentioned,
that was the first time I stumbled into a stock
cover app with a security issue. I reached out to
some random journalist that tech Crunch about it, and now
he is the only one talking about this forever because
I reached out to him that one time and he
got sucked into this horrible, horrible world of spying. But yeah, like,
(24:11):
one of the things we focus on a lot is
reporting these companies to their payment providers, to their server hosters,
to the point where sometimes like for weeks sack will
just wait for them to switch to a new provider
after we got them taken them from like PayPal, and
then from their other PayPal account where they're just using
like the checkout experience from one of their completely unrelated
(24:31):
software projects which they will later claim is not related
at all and there are different companies and whatever. But
then like eventually they get taken down from that as well,
and usually we can get them taken them from most
like Western hosters, like especially US hosters, will immediately take
them down. You do not want to risk being the
company hosting spyware on US grounds. Yeah, yeah, it's just
(24:53):
like same with EU hosters, Like the few companies that
we've seen that were on Headsnerd, they immediately react because
it's like, yeah, no want like under EULO, you don't
want to like risk that. And also just because you
don't want to host that, like there's no reason for
you to host shit like that. It will have like
image consequences, and that's an important thing that is maybe
(25:16):
also something you can do as more like a grassroots thing.
It's also like if you find one of these apps
and if you see, oh, they're using like PayPal or whatever,
just reach out. I think paper is even harder to
reach as like just an average lay person. I don't
expect them to reply. They might still take action, you
will have to manually check. PayPal doesn't really reply to
(25:36):
things ever. But yeah, same as like hosting company, if
it's either hosted on like a European or American hosting company,
I just just reach out, be like, hey, there's someone
running spyware on your thing. Also used the word spyware,
not stocker, where they will not know what that is,
and it is spyware. So yeah, and that can usually
get them taken down. And often they don't have proper
(25:58):
backups and will have a few months of data missing,
and it's like, yeah, that's how you slowly grind them
to a halt. Yeah. And also once again like if
you have tips about any of these companies, be it
having found a vulnerability just or insider info especially I'm
always very happy about the insider info. You can reach
out to either me or Sakudak. We're both very happy
(26:20):
to talk about this. Yeah.
Speaker 3 (26:23):
Yeah, that's something that's been used really effectively by right
wingers to target sex workers. There's been a huge thing,
there's been a bunch of campaigns to get platform companies.
And yeah, so it's.
Speaker 4 (26:36):
It's interesting that for once we can use the very
restrictive and conservative rules of payment providers for our good.
Speaker 3 (26:44):
Yeah.
Speaker 4 (26:44):
But yeah, basically any of the big payment providers will
not respect something like this. Some of the small regional
odd ones probably won't really give a shit. They have
no reason to. It's like revenue for them. But yeah,
it's generally worth trying. And I'm always glad like if
someone just reaches out to these companies and we don't
have to do that ourselves. I think me and second
(27:06):
to a few other people like actively working in this
are doing more than enough work currently. But yeah, like
just if you find one of these things that don't
go digging too deep. It's a depressing world. But if
you stumble upon one of these somewhere or whatever, just
just report them. It's it's it's going to disrupt their operations,
and if it happens often enough, they might just give up. Yeah,
(27:28):
And I mean, like in cases like the truth Spy,
they are willing to do extreme amounts of fraud to
get to money easily because they like started with like
mostly just in like with the market they could get
with their Vietnamese payment providers, right, And eventually they realized, well,
the US is like this really big market, right, but
(27:49):
for really easy like US stuff, we need like a
PayPal thing, right, So they made like over twelve fake
American identities with fake passports and fake addresses and sign
up to pay Paul a whole bunch of times and
had various employees that the company move money around. Yeah,
that's obviously not a thing the US government will like
(28:10):
if you do that. Generally speaking, they moved like millions
like that, so yeah, which is pretty crazy like that.
The amount of money that's moving in this industry is crazy,
Like yeah, actually, like most of these app apps will
be half broken, which no one ever complains about because
like it's shady, ye, Like you don't expect like if
(28:31):
you go online and you search for something shady like anything,
like be it piracy or whatever, you don't expect it
to be the best experience ever. Like you know, you're
getting some weird service and it's probably going to be
half broken. But yeah, like most of these talkover apps
start at like forty dollars a month and more and
then some days for more features, you pay like up
to sixty or seventy or so, and then all of
(28:53):
these have like tens of thousands of users, sometimes hundreds
of thousands of users. Yeah, you can do them yourself.
It's crazy. This is a really big industry, which makes
it so crazy to me that it's like not a
thing that's talked about more, especially in like feminist spaces
and things like that, because this is such a like
big angle of like modern tech enabled abuse that they
(29:16):
really think should should be more of a topic, especially
on the left, Like this is this is bad?
Speaker 2 (29:22):
Yeah, no, this is like critically bad. I agree entirely.
Speaker 4 (29:25):
And also like that the whole thing with like all
of this data being so easily accept your data can
end up getting sold on some dark web forum. You're
both asked the abuse around that's the target, right, and
the government can find these like I have no like
this is this is not me making a statement of
that's a thing that's happening, but there's nothing preventing that
(29:46):
from hacking these companies and getting like like I sometimes
like when whenever I get these data sets, and it's
always hard to work with data sets that include like
non consent essentially collected data of people right, yes, but
like I do want it's like do some due diligence checks,
like mostly trying to find if the government is using
a specific app. Sometimes yes, there's always like the odd
(30:07):
correction law of somebody officer who has signed up for
one or two of these apps or like education people
and whatever. But then I also some of the search
through the text message just for just some code words
and the amount of people moving drugs half Stocker were
on their phones.
Speaker 2 (30:23):
It's you know, yeah, and it's it's one of those
things where there are laws, like technically, if if my
understanding of the laws around this are correct, it is
illegal for an organization like the FBI to utilize these apps.
Speaker 4 (30:38):
But yes, but we have an organized and called the
NSA who.
Speaker 2 (30:45):
And it is it is on paper illegal for them
to do this with a third party app. But one
thing that often gets done, particularly by the FBI, but
you know, not just by them, is it's not illegal
for law enforcement agencies to tracked with private agencies. And
if those agencies you don't you just don't check in
(31:05):
on what they're doing, you know, what they're using.
Speaker 4 (31:08):
But like yeah, or like if an inform or like
if an informant like sends you to data, like you're
not going to say.
Speaker 2 (31:14):
No exactly exactly.
Speaker 4 (31:16):
And also you don't really need to disclose that because
it's information and got froment informant. You do not need
to disclose that informant in court ever. So yeah, it's
it's it's there. There are there are ways around, you know,
the laws that we put up, not that we shouldn't
continue to extend those laws, but you shouldn't like just
because well they're not allowed to use this doesn't mean
(31:36):
they can't get access to the info.
Speaker 2 (31:38):
Yeah.
Speaker 4 (31:39):
Yeah. And also there's all this important thing like there's
more like also globally, like there's other governments that can't
just be using this, Like for one of the apps
I got.
Speaker 2 (31:46):
The government, the Russian government doesn't give a ship.
Speaker 4 (31:50):
That was also like another thing where I's like for
one of the apps I got data for. There was
some indication that at some point the Colombian National Police
did a bigger evaluation of using commercials spyware for their
use because you're in the country with not that big
of a like police budget in comparison, you cannot afford
like all the Coolestraeli tools everyone else has, So what
(32:12):
do you do? You just look for random apps you
can find, you know.
Speaker 2 (32:15):
Yeah, you find the Walmart, the Kirklin, the wish to conversion.
I guess yeah, yeah, yeah yeah Ali Baba spywear right. Yeah.
Speaker 4 (32:25):
I don't think most of them moved forward with this
because these apps fucking suck. Like they're bad. Like that's
that's the other thing, Like they don't even really do
their jump. Well, they're bad and you don't know who
is behind them. You cannot even go up to someone
and be like, yo, don't do this. You also knnot
go to the cops and be like this company is
scamming me, because yeah, I assume some people have probably
(32:46):
done that before, but it does involve with admitting to
a crime. So yeah, it's like, yeah, these companies just
get away with not giving a shit about their product
because like.
Speaker 2 (32:56):
Yeah, yeah, well I think that's that's all we had.
Thank you Maya for both the work you're doing and
for talking to us. Yeah, is there anything you wanted
to plug before we roll out here?
Speaker 4 (33:09):
Just my just my blog, I think where we're like,
I do this journalistic work and also more, there's about
to be another cool investigative piece out soon, which tincantually
involves more tracking and whatever and also involves like Hollywood
and more. It's it's, it's it's a crazy big story.
I promise that will be out like hopefully in a
month or so. But yeah, my blog at Maya dot
(33:32):
CRIMEU dot gay crime, you as in crime w yeah,
and kay as in gay yeah. Yeah. Just check out
my blog at the bottom of the blog. There's all
my links to my social media for anyone who's like
listening to this and has been wondering where I am.
I am back on Twitter as well.
Speaker 2 (33:50):
Yeah for now for you, that's for for all of
us these days. That's always like this point.
Speaker 4 (33:58):
But yeah, I am back on Twitter. I am I'm
posting there sometimes. Yeah.
Speaker 2 (34:04):
All right, well, thank you and thank you all for listening.
We will be back tomorrow unless this comes out on
a Friday, in which case we'll be back at some
other point, but soon.
Speaker 1 (34:20):
It could happen here as a production of cool Zone Media.
For more podcasts from cool Zone Media, visit our website
Coolzonemedia dot com, or check us out on the iHeartRadio app,
Apple Podcasts, or wherever you listen to podcasts. You can
find sources for it could happen here. Updated monthly at
coolzonemedia dot com Slash sources. Thanks for listening.
All Zone Media.
Speaker 2 (00:05):
Welcome back to It Could Happen here, the podcast that's
happening here in your ear. And one of the things
that we love talking about here is a critical ingredient
towards creeping authoritarianism, towards growing corporate control and surveillance over
all of our lives, which is of course technology that
makes it even easier to monitor you than it already is.
(00:29):
We're not talking primarily about like the government monitoring you,
because they can, you know, do stuff like just pull
your phone data from a you know what, which cell
towers is pinged. We're talking about the kind of stuff
that allows basically whoever can get an app on your
phone to track and stalk you. And Yeah, I'm going
to first introduce Mia Wong. Mia, welcome to the show
(00:52):
that you also host. Yes, I'm here. So what are
we what are we talking about today? And who are
we talking with? Yeah, so we are talking about stalker war,
which is the sort of broad name for the category
of software that Robert has been talking about. And we
are talking about someone who hacked well a stoker where
(01:12):
stalker Yeah, one.
Speaker 3 (01:15):
Of the stockerware companies my Aris and Crime, the fame
hacker of the no fly list. Yeah, returning guests, always
happy to have you on.
Speaker 4 (01:24):
Yeah, I always happy to be on. Yeah.
Speaker 3 (01:29):
So I think I think, I don't know. I think
there's a real tendency among and I see this among
leftists a lot for kind of good reasons and kind
of not good reasons to really only focus on state
and like large corporate actors in terms of surveillance. And
(01:50):
that's a mistake.
Speaker 4 (01:52):
Yeah, totally.
Speaker 3 (01:54):
Yeah, And so I guess I guess the place where
I want to start before we get into the specific
company that you do, is it still called owned?
Speaker 4 (02:03):
I can't. It's fine to call it owned or pond
or whatever. I still do that. Sometimes people get confused.
Speaker 3 (02:10):
But yeah, yeah, But before we get into that, I
want to I want to ask you a bit because
you've done a lot of sort of I guess you
could call it research, both actual research wise and then
in terms of poking around their servers.
Speaker 4 (02:26):
Research and journalism and whatever. Do you want to call it?
Speaker 3 (02:29):
Yeah, hex, Yeah, So I wanted to just start off
by asking if you can give sort of like a
brief summary of what stalker ware is.
Speaker 4 (02:39):
Yeah. So so, so stoker ware like as a category
encompasses like a number of different types of apps. Most
of them, like on the service, advertise themselves as like
parental control software, which is already bad enough. Just to
be clear that there's like advertised for like spying on
your children's phone, like seeing their location in real time,
seeing their such as that they receive any photo they take.
(03:03):
Ostensibly this is to prevent bullying and help with them
when they get depressed because they don't trust you and
talk to you for whatever reason. But obviously a lot
of these are then furthermore because that's like that, Sure,
that's a like target audience, that's a demographic you can
advertise too. But then there's this even bigger potential target
(03:23):
demographic of people who are insecure in their relationship, mostly men,
not only men, but who are then solved this idea
that they can use software like this for stalking their partner,
for finding out if they are cheating on you, things
like that, which is obviously an even bigger problem, which
once again not to discount the problems. That's spying on
your children. It's already like bad enough, but yeah, lead
(03:45):
this leads to this whole big industry of these apps
being used by partners against each other, like also just
by people, like against anyone in the in their surroundings
that they suspect might be doing something might be like
talking behind their backs. It often kind of turns into
like it obviously turns into this obsessive thing, especially if
(04:08):
you're solved this idea that this this app can magically
solve like interpersonal issues, like with anything that sells you
this magic idea of being able to solve any problem.
That these people start kind of spying on everyone in
their like circles to some of them, like not everyone,
most like a lot of people only spying like their
partner or like their child or whatever. But it often
(04:28):
like spirals out of control into this like controlling everyone
in their surroundings, knowing what everyone is up to where
they are, and spending like hundreds of dollars a month
on doing so. And yeah, that's pretty fucked up if
you ask me.
Speaker 2 (04:41):
Yeah, yeah. One of the things that's interesting too. It's
also in a lot of cases illegal. This is going
to vary, you know, from country to country, in state
to state, but in the US there are states like California,
which gets pointed out in the very good Tech Crunch
investigation on truth spy, where there are really strict laws
that journalists like you have to by bias to win.
You can record someone that these these apps absolutely break.
Speaker 4 (05:05):
Yes, it's specifically I think that doesn't. Most of these
app will have like disclaimerate upon that is like this
might be I legal and your jurisdiction, and please ask
for consent before doing this, and then they have lots
of tutorials on how to install this in someone's device
without their consent. Yeah, but it's like always like a
we do not take any like we we it's not
our fault if you break the law basically, which obviously,
(05:27):
like it's so far not a lot of this has
been challenged in court, but I don't think this would
hold up too long. But I don't think just saying
we make a product to do crimes with if you
do crimes of it, it's not I mean it works
for the gun industry.
Speaker 2 (05:42):
So yeah. The difference is that like the with the
gun industry, it's a product where there is a legal
and an illegal, like clear way to do it.
Speaker 4 (05:52):
The thing with stocker were as well is that like
a lot of them will also explicitly say the only
real use of this we allow you to do to
use it for is to surveill your child, which unfortunately
is legal in most jurisdictions because children are property of
their parents. Yeah quotes because I do not agree with that, but.
Speaker 2 (06:10):
Yeah, it's one of those things where people using it,
like someone installing an app on their exes or their
their partner's phone or whatever without consent, could very easily
would lose any court case. Whether or not the company
would get in trouble. I think is going to rely
a lot on the stuff the videos they're posting about,
like how to put how to get these apps on
(06:30):
people's phones without them knowing, but like they do have
that out with like no, it's just for surveilling children,
which is.
Speaker 4 (06:36):
Great, and for anyone else you need consent or whatever.
But I think it is important, yeah, to point us
out very early for anyone who's listening to this because
they think they might have stock over on their phones,
or because they know they have stock Averre on their phones,
you can use this in a domestic abuse case, well immediately,
this is explicit proof that abuse is happening, no matter
(06:56):
anything else, because like that's the thing generally with domestic
abuse case it's really hard to prove abuses happening. Stalkerware
and any other type of spying device like also physical
GPS trackers and stuff that is immediate proof that there
is a there's controlling behavior going on, that you are
being spined on. This it cannot only be used and
(07:17):
there's explicit, admissible evidence. This is also usually like makes
cases first like not for you like it just yeah,
it like can potentially add charges and make it more serious,
and that it can help making cops give a shit
about like abuse, which yeah, I hate that I need
to say that, but yeah, it's like it makes it
(07:39):
more serious because there's like spyware and whatever.
Speaker 2 (07:42):
It's easy evidence first off, like you can prove they're
spying on you. And second, if you are in one
of the states where that violates the law, then you
can immediately say this person is breaking the law, like
this is we don't have to debate whether or not
they've they've crossed the line.
Speaker 4 (07:56):
Yeah, And even if it doesn't directly break the law
to spy on someone on a partner like it, depending
on the on the on the region, it can be
kind of a hazy thing, especially if it's a device
you might co own if it's like a state where
you where with like code possession or whatever. In the US,
I do not know US law very much around this,
but yeah, there's like laws like that. But usually still
(08:18):
the fact that you're being spied on can be used
as proof for other abuse things you might be alleging,
because it's like hard proof that something is happening. And
also usually these companies will somewhat have to respond to
some point US, so they will have to give out
like who that account on there is behind like the
spying on your phone for some of them. We can
also there's also tools that help you find out who
(08:40):
is spying on you, or there's like someone with forensic
background can help.
Speaker 2 (08:45):
Yeah, and I think people. One thing we should note
is that if you're kind of curious, has my device
been infected by some of these tools, one the one
that we've been talking about most truth spy. If you
go to that tech Crunch article.
Speaker 4 (08:59):
Or to my art it also has a link yet.
Speaker 2 (09:01):
Or to ye to your article on your website. There's
a tool you can use where you it'll tell you
how to get your IMSI I think I am I Yeah,
which you just dial a thing on your phone and
it gives you that number. It's basically how you identify
specific bones and you plug that in. It will let
you know if your device has been compromised.
Speaker 4 (09:22):
Now like December last year up until there is the
data and if you yeah, it can pretty much tell
you if you've been spined on using this specific tool
until then. For other stuff, there's also guides usually on
TechCrunch and otherwise also on Stop Stockerwear dot ARC, which
is the US Coalition against Stalker War, and also just generally,
I think a lot of like more local anti stocking,
(09:45):
anti abuse works are not as informed yet as they
should be, but there's still a good point also to
reach out to or like.
Speaker 2 (09:52):
Yeah, yeah. One of my questions about truth Spy that
I'm hoping you can answer is I know that you
can like text messages get transferred via it, your call records,
all that kind of stuff, get and who you were calling.
Does that include messages for like encrypted apps like Signal
or is that not accessible through this?
Speaker 4 (10:11):
It depends, Like for some of these, it will like
get signal messages, what's the messages and everything generally by
reading the notification contents, because like from notifications you know,
like what messages are have been like received. Sometimes it
will only then have the received messages and not the
set messages. Often these also include like a key logger
component that mapps messages then sent back as well. It
(10:35):
depends a lot what these apps collect, but for most
of them, also the collection for other texting apps is
usually kind of broken. None of these apps are really
well maintained. They're mostly just quick cash graps, yeah, are
there to maintain features usually don't really work.
Speaker 2 (10:51):
And it seems like based on that, one thing people
can do outside of checking to see if their device
has been compromised, is do stuff like turn off notifications
for appslaing signal right, like, and that's that's actually just
generally good advice. Notifications are a compromise of the security
that signal offers. Don't have them enabled, you know, yeah,
(11:15):
or at the.
Speaker 4 (11:15):
Very least disabled them on the lock screen on Android. Yeah,
I don't know how. I think that's also possible on iOS,
but I think I doesn't show message content on the
lock screen anyways. I'm not sure anymore. But yeah, it's
just also small things like that, And also like one
of the key tells that someone probably tampered with your phone,
especially for Android, is if Google play Protect is disabled
(11:36):
and you do not remember disabling it for something else,
it was almost definitely disabled because someone installed something on
your phone. Just try re enabling it. Then they will
probably tell you something. The thing also to keep in
mind if you find stockaware on your phone, please get
professional help. Do not just delete it. Do not like
necessarily confront whoever you think might be your abuser about
(11:58):
it unless you're very issue that that's the situation you
can handle, because like, yeah, that that there's one of
those things that like bringing it up or just deleting
it can very quickly lead to like yeah, yeah, complicating
the situation a lot.
Speaker 3 (12:13):
You know what else complicates the situation.
Speaker 2 (12:16):
These ads.
Speaker 3 (12:29):
And we are back.
Speaker 2 (12:31):
So when it comes to the actual fight against this stuff,
obviously what you're doing is a big part of it.
Getting inside these companies and finding out like what they're
doing and their capabilities is huge for in terms of
like what regular people are people who are interested in
becoming activists about this can do. What does the what
is the struggle to actually fight this stuff look like?
(12:53):
Like how do we how do we put a bullet
in this industry's head.
Speaker 4 (12:57):
I think one of the biggest things. And also like
why I do the worker do with like hacking it
with encouraging others to like send me data, be that
insiders from these companies sending it either to me or
like tech Crunch specifically currently because like me and tech
crunch are like the only people really doing like journalism
on this like regularly. And the important thing with like
(13:18):
journalism and all of this is like awareness. It's very
important to create awareness about this. That's also why I
do the media work with like being on this podcast
and things like that. I think the most important thing
is to make people aware, like talk about this in
your feminist circles or whatever, things like that especially bring
it up just also in like general info things about
abuse or how to detect abuse. I think the most
(13:40):
important thing to do against stocker whereas demestify it, because
most people don't even know that this is a thing,
that this is, like that there's just commercially available spyware
anyone can install on your phone. It's as important to
not like give in to some sort of paranoia as
with any of these things. It's just important to like, yeah,
generate awareness about it. And like spread these articles, let
(14:04):
friends know that this is a potential thing, and then yeah,
the hard thing with this is that, like obviously it
should will probably help if there was some sort of
legislation against some of this, it's going to be very
hard to get any proper legislation that ends this industry
because in most Western countries, which are the only countries
which unfortunately they would have enough power to like actually
(14:27):
get these apps shut down, because that's the world we
live in. But the problem there is usually that like
this notion that children are owned by their parents is
too strong to really make a full case against these apps.
And at the very best what I can, like the
very best time kind of hoping for from from legislators
(14:47):
is just a ban on advertising these apps on use
against other adults, which would be big already, but that
doesn't really solve the issue because there's still going to
be enough people who know of their use for use
against adults, and the there's going to be enough people
on like Creddit threads talking about, hey, well yeah, you
oh you're not sure if your government is cheating on you, look,
(15:07):
you can just use this app, you know. That's also
how most of this marketing for this works. It's just yeah,
at the end of the day, this is like a
patriarchal issue. So yeah, I think that's also why, like
I am so focused on like the hacking and the
like blowing these companies up and showing like who's behind them.
It's because at the end of the day, the most
(15:28):
effective thing we have against these companies is like the
grassroots movement of making them too scared to run in
this business, making it not profitable enough, because as I said,
most of this is like quick cash grabs from like
web design studios and outsourcing companies. Yeah that a're just
making a quick buck from this because otherwise they don't
get paid enough. Like that's the sad thing really is
(15:50):
how much of this industry is in all of these countries.
Western companies outsource their IT too, because there's lots of
IT companies there and they are entirely reliant on like
Western companies giving them very underpaid tasks. And Yeah, this
problem that you now have a bunch of employees and
not enough money to always pay them. And what do
(16:11):
you do, You like find some weird niche of like
a tech product you can quickly build. Yeah, and this
is like one of those easy niches. It's like always
the scummy stuff and like yeah, it's that's also why
like so many of these companies are like based out
of Vietnam, out of Iran and whatever. It's just companies
that already have it hard enough to do business globally,
(16:31):
where the IT industry is like falling apart because there's
not enough like local customers and anything that's international. You're
just the cheap workforce, right, So yeah, it's it's once
again also like a class problem. I don't like most
people working in this industry know that they're working in
a like scummy industry.
Speaker 2 (16:51):
Yeah of course, but like yeah, you got to get
paid and that's.
Speaker 4 (16:55):
Yeah, And that's like why I think making it more
scary to operate in this industry is like, yes, the
wait to go because like with just like these like
four hacks that have happened against these companies over the
last like half a year or so, two of them,
three of them, three of them have shut down completely.
Others seem to be slowly moving towards just building other
(17:18):
software primarily. Yeah, it's just like, yeah, it's like with
any other like shady industry that the best we can
do is just do not make it profitable to run
the software, because at the very best, anything else we
will get it's just pushing them more into the shadows,
which is not going to solve the issue at all.
Speaker 2 (17:38):
Yeah. I think a lot about like strategic thinking, which
I do believe is kind of often in part because
of how rightfully negative most people on the left think
about the military. There's a tendency to ignore some of
like the theory around how to actually win a conflict
and all of it all all strategy really, when you're
(17:59):
talking about like defeating an opponent revolves around denying and
taking operational area from them, right Yeah, And that's what
you're talking about when you talk about, well we need
to stop this. You know, one of the first things
we can do as part of fighting this is to
stop them from being able to advertise certain places. Right
It's making sure that they're not able to operate without
being seen. It's basically cutting down their area, their space
(18:23):
to maneuver, their ability to profit, which cuts down their money,
their access to people, their ability to actually operate.
Speaker 4 (18:31):
Right.
Speaker 2 (18:31):
Like, that's what we're looking at in terms of how
do you kill this stuff. It's not one single Really,
I use the comparison of like a bullet, but it's
never going to be one bullet. These things are too durable.
There's too many countries in play to do that.
Speaker 4 (18:43):
Yeah, that's also why I put so much emphasis on
doing media work about this and getting more people to
talk about this and getting more awareness of this out there,
to the point where I'm willing to work with more
conservative newspapers on this because everyone needs to know about this.
At the end of the day. This is how we
like stop people from falling victims to this. Most people
(19:03):
who are a victim of stocker apps have never heard
of stocker apps before, and I think that's like one
of the biggest ways to tackle this. And on the
other hand, we also have I think another big leverage
point with how many of these are getting hacked because
none of these apps are very secure. That's another thing
is this can also be leveraged against like the abusers
(19:24):
in this scenario. I think just pointing out to them
that all of these apps get hacked all the time
and that this is how they get found out, that
that this is how their data of them as abusers
ends up landing on the internet. I think It's also
like a very important angle at the end of the day,
is just to make it clear like yeah, no, not
even you are like secure from this having consequences for
(19:46):
your life, like beyond like direct interpersonal or legal consequences.
This can and in the past has result in like
your email adders being on a list of people who
have do abuse to people online. You don't want to
be on such a list. I think that's also important
just to like point out there isn't one stockover app
that's not eventually going to get hacked. There is a
(20:08):
big war against these apps. They're all like there's so
many different hacking groups that keep sending me data from
these like I'm already working on another article that already
once again affects like the data of like I think
like eighty thousand more like abusers, and it's just the
abuser data this time. But I'm still going to report
on it like it's it's it's this is not going
(20:30):
to stop. It's even also not going to stop when
I stop reporting on this myself, like I've there's been
work before me down on this. I also the first
time I got involved in finding stock over was back
in twenty twenty. People have been hacking these apps forever
and will keep hacking them. Like just look at the
Wikipedia page for stocker, where there's an ever growing list
(20:51):
of these apps that have been hacked. And I think
at this point that like official count being kept by
one of the people at TechCrunch is at like thirty apps,
a few of which have been hacked two or three times. Yeah,
these are not These are not secure apps for any.
Speaker 2 (21:09):
No, no, no, of course not. Yeah, and they yeah,
I mean it makes sense that like an app dedicated
to violating people's privacy for money would also basically violate
the privacy of the people using it.
Speaker 4 (21:22):
Yeah, and also they don't care. Like I said, it's
a cash grap, it's nothing else. There's a few apps
that are like a little more than a cash crap,
but it's usually just because they're made, Like there's still
a cash grap, but they're like more well made, but
it's because they're a cash graph from a company that
has better developers or more money to do the initial investment.
(21:44):
The thing is also like most of these companies don't
have a lot of initial investment, And I think the
important thing to consider as well, here is one big
area of this that I have not yet started tackling,
but I do want to like look into more sometimes.
Is a big reason this industry is and most of
these apps have a lot of users despite there being
(22:04):
so many of them, is the affiliate marketing industry. Once again,
our very beloved friend. Yeah, all of these apps are
parts of various affiliate marketing networks, some of them started
by Stockerware Company, and some of them just other like
things to advertise all the shady things like all those
phone number locator apps or whatever, that's also part of
(22:26):
those same affiliate marketing networks. And there's lots of money
flowing here, and there's lots of money flowing to very
big tech YouTube channels, and I might soon have some
proof for some of that. But that's how these are advertised.
It's everyone who advertises stockerware to you, who has a
big platform, is doing that because they're getting money, not
for any other reason.
Speaker 2 (22:48):
We need to do more heads.
Speaker 3 (22:50):
We will be back shortly, and we are back.
Speaker 2 (23:06):
Well that's all I had, Miya, what do you got?
Speaker 3 (23:09):
Yeah, I guess there's there's another thing I wanted to
ask a little bit about, which Zach Whitaker who's been
one of the journal journalists that tech Crunch doing a
lot of the research is great. One of the things
that he brings up that I think is another I
don't know, it's kind of a plane with fire angle
on them. But one of the issues that these companies
seem to have is payment platforms, because a lot of
(23:34):
payment platforms look at this and go wait, hold.
Speaker 4 (23:38):
On, yeah, So that's yeah. We've talked about that a
little bit. That's an angle. We've also been a fighting
on a lot. Like me and Sig, we work on
most of these stories together.
Speaker 1 (23:46):
Like it.
Speaker 4 (23:47):
It's kind of funny. We both got each other into
the stock over thing back in twenty twenty. As I mentioned,
that was the first time I stumbled into a stock
cover app with a security issue. I reached out to
some random journalist that tech Crunch about it, and now
he is the only one talking about this forever because
I reached out to him that one time and he
got sucked into this horrible, horrible world of spying. But yeah, like,
(24:11):
one of the things we focus on a lot is
reporting these companies to their payment providers, to their server hosters,
to the point where sometimes like for weeks sack will
just wait for them to switch to a new provider
after we got them taken them from like PayPal, and
then from their other PayPal account where they're just using
like the checkout experience from one of their completely unrelated
(24:31):
software projects which they will later claim is not related
at all and there are different companies and whatever. But
then like eventually they get taken down from that as well,
and usually we can get them taken them from most
like Western hosters, like especially US hosters, will immediately take
them down. You do not want to risk being the
company hosting spyware on US grounds. Yeah, yeah, it's just
(24:53):
like same with EU hosters, Like the few companies that
we've seen that were on Headsnerd, they immediately react because
it's like, yeah, no want like under EULO, you don't
want to like risk that. And also just because you
don't want to host that, like there's no reason for
you to host shit like that. It will have like
image consequences, and that's an important thing that is maybe
(25:16):
also something you can do as more like a grassroots thing.
It's also like if you find one of these apps
and if you see, oh, they're using like PayPal or whatever,
just reach out. I think paper is even harder to
reach as like just an average lay person. I don't
expect them to reply. They might still take action, you
will have to manually check. PayPal doesn't really reply to
(25:36):
things ever. But yeah, same as like hosting company, if
it's either hosted on like a European or American hosting company,
I just just reach out, be like, hey, there's someone
running spyware on your thing. Also used the word spyware,
not stocker, where they will not know what that is,
and it is spyware. So yeah, and that can usually
get them taken down. And often they don't have proper
(25:58):
backups and will have a few months of data missing,
and it's like, yeah, that's how you slowly grind them
to a halt. Yeah. And also once again like if
you have tips about any of these companies, be it
having found a vulnerability just or insider info especially I'm
always very happy about the insider info. You can reach
out to either me or Sakudak. We're both very happy
(26:20):
to talk about this. Yeah.
Speaker 3 (26:23):
Yeah, that's something that's been used really effectively by right
wingers to target sex workers. There's been a huge thing,
there's been a bunch of campaigns to get platform companies.
And yeah, so it's.
Speaker 4 (26:36):
It's interesting that for once we can use the very
restrictive and conservative rules of payment providers for our good.
Speaker 3 (26:44):
Yeah.
Speaker 4 (26:44):
But yeah, basically any of the big payment providers will
not respect something like this. Some of the small regional
odd ones probably won't really give a shit. They have
no reason to. It's like revenue for them. But yeah,
it's generally worth trying. And I'm always glad like if
someone just reaches out to these companies and we don't
have to do that ourselves. I think me and second
(27:06):
to a few other people like actively working in this
are doing more than enough work currently. But yeah, like
just if you find one of these things that don't
go digging too deep. It's a depressing world. But if
you stumble upon one of these somewhere or whatever, just
just report them. It's it's it's going to disrupt their operations,
and if it happens often enough, they might just give up. Yeah,
(27:28):
And I mean, like in cases like the truth Spy,
they are willing to do extreme amounts of fraud to
get to money easily because they like started with like
mostly just in like with the market they could get
with their Vietnamese payment providers, right, And eventually they realized, well,
the US is like this really big market, right, but
(27:49):
for really easy like US stuff, we need like a
PayPal thing, right, So they made like over twelve fake
American identities with fake passports and fake addresses and sign
up to pay Paul a whole bunch of times and
had various employees that the company move money around. Yeah,
that's obviously not a thing the US government will like
(28:10):
if you do that. Generally speaking, they moved like millions
like that, so yeah, which is pretty crazy like that.
The amount of money that's moving in this industry is crazy,
Like yeah, actually, like most of these app apps will
be half broken, which no one ever complains about because
like it's shady, ye, Like you don't expect like if
(28:31):
you go online and you search for something shady like anything,
like be it piracy or whatever, you don't expect it
to be the best experience ever. Like you know, you're
getting some weird service and it's probably going to be
half broken. But yeah, like most of these talkover apps
start at like forty dollars a month and more and
then some days for more features, you pay like up
to sixty or seventy or so, and then all of
(28:53):
these have like tens of thousands of users, sometimes hundreds
of thousands of users. Yeah, you can do them yourself.
It's crazy. This is a really big industry, which makes
it so crazy to me that it's like not a
thing that's talked about more, especially in like feminist spaces
and things like that, because this is such a like
big angle of like modern tech enabled abuse that they
(29:16):
really think should should be more of a topic, especially
on the left, Like this is this is bad?
Speaker 2 (29:22):
Yeah, no, this is like critically bad. I agree entirely.
Speaker 4 (29:25):
And also like that the whole thing with like all
of this data being so easily accept your data can
end up getting sold on some dark web forum. You're
both asked the abuse around that's the target, right, and
the government can find these like I have no like
this is this is not me making a statement of
that's a thing that's happening, but there's nothing preventing that
(29:46):
from hacking these companies and getting like like I sometimes
like when whenever I get these data sets, and it's
always hard to work with data sets that include like
non consent essentially collected data of people right, yes, but
like I do want it's like do some due diligence checks,
like mostly trying to find if the government is using
a specific app. Sometimes yes, there's always like the odd
(30:07):
correction law of somebody officer who has signed up for
one or two of these apps or like education people
and whatever. But then I also some of the search
through the text message just for just some code words
and the amount of people moving drugs half Stocker were
on their phones.
Speaker 2 (30:23):
It's you know, yeah, and it's it's one of those
things where there are laws, like technically, if if my
understanding of the laws around this are correct, it is
illegal for an organization like the FBI to utilize these apps.
Speaker 4 (30:38):
But yes, but we have an organized and called the
NSA who.
Speaker 2 (30:45):
And it is it is on paper illegal for them
to do this with a third party app. But one
thing that often gets done, particularly by the FBI, but
you know, not just by them, is it's not illegal
for law enforcement agencies to tracked with private agencies. And
if those agencies you don't you just don't check in
(31:05):
on what they're doing, you know, what they're using.
Speaker 4 (31:08):
But like yeah, or like if an inform or like
if an informant like sends you to data, like you're
not going to say.
Speaker 2 (31:14):
No exactly exactly.
Speaker 4 (31:16):
And also you don't really need to disclose that because
it's information and got froment informant. You do not need
to disclose that informant in court ever. So yeah, it's
it's it's there. There are there are ways around, you know,
the laws that we put up, not that we shouldn't
continue to extend those laws, but you shouldn't like just
because well they're not allowed to use this doesn't mean
(31:36):
they can't get access to the info.
Speaker 2 (31:38):
Yeah.
Speaker 4 (31:39):
Yeah. And also there's all this important thing like there's
more like also globally, like there's other governments that can't
just be using this, Like for one of the apps
I got.
Speaker 2 (31:46):
The government, the Russian government doesn't give a ship.
Speaker 4 (31:50):
That was also like another thing where I's like for
one of the apps I got data for. There was
some indication that at some point the Colombian National Police
did a bigger evaluation of using commercials spyware for their
use because you're in the country with not that big
of a like police budget in comparison, you cannot afford
like all the Coolestraeli tools everyone else has, So what
(32:12):
do you do? You just look for random apps you
can find, you know.
Speaker 2 (32:15):
Yeah, you find the Walmart, the Kirklin, the wish to conversion.
I guess yeah, yeah, yeah yeah Ali Baba spywear right. Yeah.
Speaker 4 (32:25):
I don't think most of them moved forward with this
because these apps fucking suck. Like they're bad. Like that's
that's the other thing, Like they don't even really do
their jump. Well, they're bad and you don't know who
is behind them. You cannot even go up to someone
and be like, yo, don't do this. You also knnot
go to the cops and be like this company is
scamming me, because yeah, I assume some people have probably
(32:46):
done that before, but it does involve with admitting to
a crime. So yeah, it's like, yeah, these companies just
get away with not giving a shit about their product
because like.
Speaker 2 (32:56):
Yeah, yeah, well I think that's that's all we had.
Thank you Maya for both the work you're doing and
for talking to us. Yeah, is there anything you wanted
to plug before we roll out here?
Speaker 4 (33:09):
Just my just my blog, I think where we're like,
I do this journalistic work and also more, there's about
to be another cool investigative piece out soon, which tincantually
involves more tracking and whatever and also involves like Hollywood
and more. It's it's, it's it's a crazy big story.
I promise that will be out like hopefully in a
month or so. But yeah, my blog at Maya dot
(33:32):
CRIMEU dot gay crime, you as in crime w yeah,
and kay as in gay yeah. Yeah. Just check out
my blog at the bottom of the blog. There's all
my links to my social media for anyone who's like
listening to this and has been wondering where I am.
I am back on Twitter as well.
Speaker 2 (33:50):
Yeah for now for you, that's for for all of
us these days. That's always like this point.
Speaker 4 (33:58):
But yeah, I am back on Twitter. I am I'm
posting there sometimes. Yeah.
Speaker 2 (34:04):
All right, well, thank you and thank you all for listening.
We will be back tomorrow unless this comes out on
a Friday, in which case we'll be back at some
other point, but soon.
Speaker 1 (34:20):
It could happen here as a production of cool Zone Media.
For more podcasts from cool Zone Media, visit our website
Coolzonemedia dot com, or check us out on the iHeartRadio app,
Apple Podcasts, or wherever you listen to podcasts. You can
find sources for it could happen here. Updated monthly at
coolzonemedia dot com Slash sources. Thanks for listening.
It Could Happen Here News
Host
Robert Evans
Show Links
AboutPopular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
Death, Sex & Money
Anna Sale explores the big questions and hard choices that are often left out of polite conversation.
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.